IETF Logo Mail Archive

Re: [TLS] Review of PR #209

Andrei Popov <Andrei.Popov@microsoft.com> Tue, 22 September 2015 15:09 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32CCC1A914E for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 08:09:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tq0hBmVIdogo for <tls@ietfa.amsl.com>; Tue, 22 Sep 2015 08:09:29 -0700 (PDT)
Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1bon0703.outbound.protection.outlook.com [IPv6:2a01:111:f400:fc10::1:703]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2654B1A90E1 for <tls@ietf.org>; Tue, 22 Sep 2015 08:09:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=eEBSLT3v3NOcQ14vtEEn8QPdNFm1LcmwEit0F5pUC5c=; b=MEgN5fuPQbhTpM2dA0g5Pzd1TfS0lkh7w4KjW5LLR7TL1+6qa48uh28afHDYFKEQMuq9BKpne6cHvrF4dc7BbAvUTVFGxVDA8C/GFAWHfAvyNi0f/WulxApgL0WdrllP3Dj15y1BRVvL0K1BvzHEmDXRZcStIFLkc/inj2MnaXA=
Received: from BLUPR03MB1396.namprd03.prod.outlook.com (10.163.81.142) by BLUPR03MB1394.namprd03.prod.outlook.com (10.163.81.140) with Microsoft SMTP Server (TLS) id 15.1.268.17; Tue, 22 Sep 2015 15:09:10 +0000
Received: from BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) by BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) with mapi id 15.01.0268.017; Tue, 22 Sep 2015 15:09:10 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "henry.story@bblfish.net" <henry.story@bblfish.net>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Review of PR #209
Thread-Index: AQHQxuqZE5b0AgbP4UGzDBeqZzcHy54+TSMggAFOUoCAACZ9gIAE38sAgAIv/YCAAJJbAIAArIQAgADRe4CAAB1jMA==
Date: Tue, 22 Sep 2015 15:09:10 +0000
Message-ID: <BLUPR03MB139639EEDFA56D55EB8705808C450@BLUPR03MB1396.namprd03.prod.outlook.com>
References: <CABkgnnWtUjH1b3xm_peffNxNpxXE9rudJLJpn1ExNpE7B29AhA@mail.gmail.com> <BLUPR03MB13962416E8D8AD71CFFE13C08C5C0@BLUPR03MB1396.namprd03.prod.outlook.com> <20150916153041.GA14682@LK-Perkele-VII> <CABkgnnVbJvFQ217Yq7eVLV+_cuQOUVoi1Ydixq5zBC9Zju1U-g@mail.gmail.com> <87eghugo9n.fsf@alice.fifthhorseman.net> <84975A12-87F7-4E5A-BC0D-0E0D68FEB2F1@inria.fr> <87613326ol.fsf@alice.fifthhorseman.net> <m2fv278exp.fsf@localhost.localdomain> <E1EF63EA-C301-4229-AD77-1475298F753C@bblfish.net>
In-Reply-To: <E1EF63EA-C301-4229-AD77-1475298F753C@bblfish.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrei.Popov@microsoft.com;
x-originating-ip: [2001:4898:80e8:5::5a8]
x-microsoft-exchange-diagnostics: 1; BLUPR03MB1394; 5:g8smNRSM1efqGTNqEP9LiCYwhD533JdB1SsaCEMXwSfmKlYm4qAYuKCDbzCuOOQzv1No6u/GO4gvOtP9/SN27ZXSpt/tdaBhogngj75OkfIGTNWUe7mFEEnejVU6UEYDptT12f1BaBSOwfsJDP0lRQ==; 24:1RUMQWi4tbsJ+Rt4PmKJpC3Z9QHybpSeFq+0wPBVfiRaD4GZoJ7g9Z3eXZtSI+P5EbbwRt6vjp0o9fJVhzmf/Q/k0Sr8G1xdC3faBS9uwEU=; 20:dQ+w7cxgV00y4952dIQE5W7hdO8QwUHbn2rwuh4lI/hdV4Ct+ByHtuuWhqifECH5LpSrQyKz9q940AU/8PKM5A==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR03MB1394;
x-microsoft-antispam-prvs: <BLUPR03MB13948723581C28FE3BB66EBD8C450@BLUPR03MB1394.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425019)(601004)(2401047)(5005006)(520078)(8121501046)(3002001)(61426019)(61427019); SRVR:BLUPR03MB1394; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1394;
x-forefront-prvs: 0707248B64
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(189002)(377454003)(199003)(24454002)(13464003)(19580405001)(105586002)(106356001)(106116001)(99286002)(19580395003)(46102003)(101416001)(86362001)(74316001)(50986999)(5004730100002)(86612001)(5002640100001)(76176999)(54356999)(5007970100001)(11100500001)(10090500001)(561944003)(5003600100002)(87936001)(10400500002)(5005710100001)(15395725005)(33656002)(5001920100001)(5001860100001)(8990500004)(107886002)(5001960100002)(68736005)(4001540100001)(92566002)(102836002)(15975445007)(40100003)(77096005)(81156007)(122556002)(189998001)(2950100001)(77156002)(62966003)(76576001)(2900100001)(64706001)(2501003)(93886004)(5001770100001)(97736004)(5001830100001)(10290500002)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1394; H:BLUPR03MB1396.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Sep 2015 15:09:10.1386 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1394
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/eQrdDZ0FzNyGxjM912Fr8b7SS3k>
Subject: Re: [TLS] Review of PR #209
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2015 15:09:32 -0000

Hi Henry,

> 1) it will be possible on the same connection to authenticate with multiple different certificates,
With the current proposal as it stands, yes.

> 2) the different identities won't ( necessarily ? ) be cumulative ie, a server getting the identity I1 and then I2 on the same TLS connection won't be able to conclude that the referent of I1 is the same as the referent of  I2 ?
I believe the server can conclude this; the caveat is that in practice a server can only support a limited number of client identities simultaneously.

> Thinking of a possible use of this over HTTP I find this surprising. So perhaps it is not meant to be applied there. Where is it?
Indeed there's a surprising number of sites that have a landing page accessible without client auth, but require client auth when a protected resource is accessed. This is currently done via renegotiation; in TLS1.3 we're looking for a way to accommodate such sites.

> If that were to work correctly would one not also have to change the encryption for each user?
So far we don't know that one has to change the encryption keys after each client authentication, but this is still under discussion.

Cheers,

Andrei

-----Original Message-----
From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of henry.story@bblfish.net
Sent: Tuesday, September 22, 2015 6:10 AM
To: tls@ietf.org
Subject: Re: [TLS] Review of PR #209


> On 22 Sep 2015, at 01:40, Geoffrey Keating <geoffk@geoffk.org> wrote:
> 
> Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> 
>> Consider a server has an ongoing session wrapped in TLS that uses 
>> client authentication to approve or deny some requests from the 
>> client.  It remembers what requests the client has made as some sort 
>> of relevant state.  Let's take an imap server working with a client 
>> that has state of a "currently-examined folder", but this applies to 
>> servers and clients with much more complex state as well.
> ...
> 
> I think for such a protocol, you'd want to say that authentication is 
> not retroactive.
> 
> For other protocols, you might want something else.  For example, in a 
> protocol which uses client authentication for billing, you might want 
> to treat an authentication half-way through the session as the account 
> to bill for the entire session.
> 
> Some protocols will also want to support multiple identities, and some 
> will not.  For some protocols a new authentication might want to in 
> some fashion dis-trust previous authentications, other protocols might 
> say that all previous authentications are valid until the end of the 
> session.

If I get this right: 
1) it will be possible on the same connection to authenticate with multiple different certificates,
2) the different identities won't ( necessarily ? ) be cumulative ie, a server getting the identity I1 and then I2 on the same TLS connection won't be able to conclude that the referent of I1 is the same as the referent of  I2 ?

Thinking of a possible use of this over HTTP I find this surprising. So perhaps it is not meant to be applied there. Where is it?

If that were to work correctly would one not also have to change the encryption for each user?

(sorry to enter the discussion but I am also just checking because I seem to have made a mistaken claim on the HTTP list if 1) is true )

> 
> 
> I think this is something that TLS should allow higher-level protocols 
> to specify.  The TLS model could be that each client authentication 
> happens at a particular point in the session, breaking it up into 
> segments, and TLS informs the higher-level protocols of where the 
> segments start and end; it's up to the higher-level protocol to work 
> out what that means.
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

Social Web Architect
http://bblfish.net/

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email